Wireless security beacon for consumer equipment

ABSTRACT

A security system for consumer equipment has a lock for preventing use of the equipment, and broadcasts a beacon signal indicating stolen status, if the lock does not receive a valid key signal over a wireless link. The beacon signal can help police identify stolen goods, and makes mere possession of stolen goods more risky and so deters theft. The lock serves to make the equipment useless or very expensive to make useful, once stolen. Little or no change of behaviour by users is needed. The beacon can be passive, in snooze state to save power, with periodic listening for an interrogating (police) radio, which causes it to wake up and transmit. The system can securely store, and optionally broadcast, a secure identifier which is traceable to an owner of the equipment, to aid recovery and conviction. Tamper resisting measures can be included.

FIELD OF THE INVENTION

The invention relates to security systems for consumer equipment, tocorresponding methods and software, to consumer equipment having suchsystems, to methods of detecting stolen equipment, and to methods ofoperating a service of tracing ownership of recovered consumerequipment.

BACKGROUND

It is known from European patent application 0,852,367 (Siemens) toprovide an anti-theft system for electrical goods e.g. video recorders,by periodically transmitting identification numbers to a controller viathe mains electricity supply. If the controller does not receive aparticular identification number for a predetermined time, it assumesthe item is stolen and raises an alarm. U.S. Pat. No. 5,963,131 showstheft protection systems for portable electrical items such as lap topcomputers. A motion detector and/or proximity detector detects the theftand triggers an audible alarm.

U.S. Pat. No. 6,150,923 (Johnson, et al.) provides an anti-theft systemfor example for a car radio, domestic electrical items, or electricaloffice items such as computers, video recorders, televisions or the likewhich locks the device off when theft is detected. Such detectioninvolves detecting disconnection from its power supply, or when amovement detector such as a tilt detector is triggered. An audio alarmsignal can also be provided, supplied by its own on board battery. Inthe case of the car radio, when the device is re-connected and switchedon, a security code must be entered to enable the radio to operate. Ifthe system is incorporated into a mobile phone, the alarm may includesending a message to a predetermined location. If the system isincorporated into a component of a computer, the alarm may includedisplaying a message on the screen of, or disabling the operation of anycomputer that the component is subsequently used in. A disadvantage ofall these types of anti-theft system, is that while the equipment is notconnected, it is not immediately obvious whether it has been stolen,once the audio alarm has exhausted its battery.

It is also known to provide electronic tags attached to consumerequipment to deter theft. As shown in U.S. Pat. No. 6,317,028(Valiulis), such tags can be coupled to control electronics of theequipment to disable the equipment unless the tag receives apredetermined security code. The tag enables the security code to bereceived regularly by a short range RF interface or by mains powersupply signalling system, from a central controller elsewhere in theconsumer premises. Again there is nothing to help indicate the goodshave been stolen, once the alarm is exhausted.

It is also known to provide a theft deterrent system for shop displaysusing tags attached to the products which if tampered with, cause theproduct and perhaps the thief, to be marked with an indelible dye.Although this is effective in making it obvious that the goods have beenstolen, it is not removable, and not suitable for deterring theft fromconsumers premises for obvious reasons. It is also known to providetracker systems for indicating the whereabouts of stolen cars. In thiscase a small radio transmitter is hidden in the car, capable ofcommunicating with a nationwide radio network. It is normally notconnected to the network, and is switched on and connected to thenetwork only when triggered by the user reporting the theft and theidentity of the car.

It is also known from EP 1170969 to have a mobile handset for a cellularnetwork arranged to send SMS (short message service) messages to aspecified number when the handset has been stolen, to indicate where thehandset is, to aid recovery. This relies on the phone first receiving a“stolen” control message from the owner.

SUMMARY OF THE INVENTION

It is an object of the invention to provide improved apparatus ormethods, addressing such problems. According to a first aspect of theinvention, there is provided a security system for consumer equipment,the system having:

a lock for preventing use of the equipment, the lock having a receiverfor receiving a key signal from an external source, the lock beingarranged to check the key is valid, and if so, enable the use of theequipment, the system also having:

a wireless transmitter for the equipment for broadcasting a beaconsignal indicating stolen status, if the lock does not receive a validkey.

The beacon signal can help police to recover stolen goods, and makesmere possession of stolen goods more risky for the thief or for dealersin stolen goods (fences). If the thief believes the equipment could havesuch a beacon, they could be deterred from carrying out the theft atall. The lock serves to make the equipment useless or very expensive tomake useful, and hence can reduce or destroy the sale value to the thiefand to the fence. The inventors have realised that these measures can becombined to great effect, and notably that the measures need little orno change of behaviour by users, and so are much more likely to becomewidely used, and be effective. At least for a radio transmitted key, itis relatively easy to have a single key for many pieces of equipment,which again can make it much easier for the owner to use. The termconsumer equipment is intended to encompass any equipment which issufficiently portable to be susceptible to theft, including computerequipment, household appliances, household electronics, and similarequipment used by organisations including schools, hospitals andbusinesses for example. Enabling the use of the equipment can includefor example enabling use for a predetermined period of time, or for anumber of operations before re-validation is required.

An additional feature of some embodiments is the receiver being awireless receiver and being integrated together with the wirelesstransmitter.

This dual use of a single unit is based on a recognition that the twofunctions are complementary as they operate at different times and soneed not conflict. The dual use can help keep the component count lowand reduce manufacturing costs. There are also advantages if the beaconhas a receive function. This means it can have a snooze state, withperiodic listening for radio activity. If an interrogating (police)radio is heard, then it can wake up and transmit its alarm beacon. Adisadvantage is that it takes longer to be detected, as the device isasleep for long periods. However, as reception takes less energy thantransmission this mode of operation can enable operation for a muchlonger period. Furthermore, as the beacon function can listen, it canengage in dialogue with an interrogating (police) radio. Such dialoguecan include declaring its identity, or information such as a post-code.To needlessly transmit this with every alarm broadcast would useexcessive energy.

An additional feature of some embodiments is the security systemincorporating an identifier which is traceable to an owner of theequipment.

This can help allow the police to trace the owner of stolen goods, whichcan increase the chances of a successful conviction of the thief orfence. Notably as this type of identifier is internal, it does notaffect the appearance of the equipment, can minimise actions or effortfrom the owner, and is difficult for the thief to remove or alter

An additional feature of some embodiments is an identifier communicationmeans being incorporated with the lock, for use with authorised readers.

By incorporating it with the lock, this is again a dual use, based on arecognition that the two functions are complementary, and operate atdifferent times, and so need not conflict. Again, the dual use can helpto keep the component count low and reduce manufacturing costs. Theidentifier can be readable on interrogation, or readable by beingbroadcast periodically by wireless.

An additional feature of some embodiments is the identifier beingbroadcast by the wireless transmitter.

This is a dual use of the transmitter, and is based on a recognitionthat the two uses are compatible and need not conflict. Again the dualuse can help to keep the component count low and reduce manufacturingcosts. The identifier can be transmitted in response to interrogation byan authorised reader, or can be broadcast periodically.

An additional feature of some embodiments is the security system havinga tamper detector for detecting tampering with the system, and forpreventing use of the equipment if tampering is detected.

This can make it more difficult, expensive or impossible for a thief orfence to counter the security measures, and so reduce the value of thegoods to the thief or fence.

An additional feature of some embodiments is an internal battery powersupply for the wireless transmitter.

This can enable the beacon signal to be transmitted even when theequipment power supply is disconnected.

An additional feature of some embodiments is transmitting the beaconsignal intermittently.

This can help increase the longevity of the beacon signal.

An additional feature of some embodiments is the identifier beingencrypted.

An additional feature of some embodiments is the lock being arranged tocheck for a valid secure key when the equipment is switched on.

An additional feature of some embodiments is checking for a valid securekey periodically.

An additional feature of some embodiments is the wireless transmittercomprising an RF tag.

An additional feature of some embodiments is the wireless transmitterbeing arranged to send an SMS message.

An additional feature of some embodiments is a theft detector fortriggering the broadcasting of the beacon signal.

An alternative or addition is to have it triggerable by an externalcommand.

An additional feature of some embodiments is a warning for indicatingthat the equipment is protected by a beacon signal transmitter, or thattampering will result in disabling of the equipment.

This can be any type of warning including a label on or near theequipment and can add value by acting as a deterrent. Deterrence isimportant, in the case of car radio theft for example, the cost ofdamage to the car may be much greater than the cost of the radio.

A second aspect of the invention provides a security system for consumerequipment, the system having:

a lock for preventing use of the equipment, the lock having a receiverfor receiving a key signal from an external source, the lock beingarranged to check the key is valid, and if so, enable the use of theequipment, the system also having:

an identifier, incorporated securely in the lock and traceable to anowner of the equipment in the case of theft of the equipment.

An advantage of incorporating the identifier code in the lock is that itcan be secured more easily against alteration by a thief or fence, andcan be supplied as a subsystem to the equipment manufacturer, togetherwith the key. This can reduce the value of stolen goods and increase theanti theft deterrent, whether or not a beacon is included as well. As anadditional feature an identifier communication means is incorporatedwith the lock, which can give corresponding benefits of increasedfunctionality but without additional components or manufacturing costs.Also it can be relatively easy for an owner to use compared to prioralternatives such as those which require entry of a PIN at switch on, orlabelling with invisible ink.

A third aspect of the invention provides a security system for consumerequipment, the system having:

a lock for preventing use of the equipment, the lock having a receiverfor receiving a key signal from an external source, the lock beingarranged to check the key is valid, and if so, enable the use of theequipment, the system also having:

a tamper detector for detecting tampering with the system, and forpermanently preventing use of the equipment if tampering is detected.

This combination again can reduce the value of the stolen goods and soact as an anti theft deterrent, whether or not a beacon is included. Theenabling of the equipment can be for a predetermined period of time, ornumber of operations before re-validation is required, for example.

A fourth aspect of the invention provides consumer equipment having anequipment controller, and having the security system of any precedingclaim, the controller being arranged to cooperate with the lock of thesecurity system and to operate depending on the lock.

An additional feature of some embodiments is a remote key unit forsending the key to the security system.

An additional feature of some embodiments is the controller beingarranged to exchange encrypted information with the security systemperiodically, and continue operating depending on whether a validresponse is received from the security system.

An additional feature of some embodiments is the equipment being one ofcomputer equipment, games equipment, audio, video or communicationsequipment, in car equipment, household appliances, and school, hospital,or business equipment.

Another aspect provides a remote key transmitter unit for use with thesecurity system or with the consumer equipment.

Another aspect provides a method of detecting stolen consumer equipmentby using a wireless receiver to recognise a beacon signal indicating astolen status, output by the consumer equipment

Another aspect provides a method of operating a service of tracingownership of recovered consumer equipment, having the steps of:

receiving an identifier from the stolen equipment, and

decoding the identifier to determine the owner.

Features can be in the form of software for running on conventionalfirmware or hardware such as microprocessors, digital signal processors,application specific integrated circuits and so on. Any of theadditional features can be combined together or with any of the aspectsof the invention, as would be apparent to those skilled in the art.Other advantages may be apparent to those skilled in the art, especiallyover other prior art not known to the inventors.

BRIEF DESCRIPTION OF THE DRAWINGS

Embodiments of the invention will now be described by way of example,and with reference to the accompanying drawings, in which:

FIG. 1 shows an embodiment of the invention with the lock and wirelesstransmitter being integrated,

FIG. 2 shows another embodiment with the wireless transmitter separatedfrom the lock,

FIG. 3 shows consumer equipment according to an embodiment of theinvention,

FIG. 4 shows in schematic form some of the functions of an embodiment ofthe invention,

FIG. 5 shows another embodiment, having a lock with an embeddedidentifier,

FIG. 6 shows another embodiment, having a lock with tamper detection,and

FIG. 7 shows a chain of those parties affected by embodiments.

DETAILED DESCRIPTION

In at least some of the embodiments described, consumer equipment has anenhanced radio lock to prevent unauthorised use, and indicate a stolenstatus. This indication can be activated and maintained even if theequipment is switched off or disconnected from its normal power supply.The stolen status is made apparent in one or more ways, to potentialbuyers, and to the police so that the equipment is harder to sell andriskier to possess. The status is indicated by RF transmissions whichcan be detected by monitoring equipment which could be used by police orprivate security service agencies.

FIG. 1 shows an overview including an anti theft security system 40 inconsumer equipment 60. Although illustrated as a separate item, thesystem may optionally be incorporated in existing hardware in theconsumer equipment. The consumer equipment can be household, business orin-car equipment for example. It can be anything portable and valuableenough to be worth stealing, including computers, computer accessories,games consoles, audio or video equipment, modules, discs or cartridgeshaving software or any valuable content for example. Examples of in carequipment include radios, CD players, navigation systems, trafficinformation systems, television or video players or games players, forexample. Consumer premises 80 can be a house, office, retail premises,school, hospital, vehicle, and so on. The system includes a lock 10 forreceiving and checking a key sent by a remote key transmitter 90. Thekey transmitter is typically located elsewhere in the consumer premises,so that it is unlikely to be stolen at the same time as the equipment.It can be small enough to be carried on a key ring of an owner or user,or security staff for example. It can be used for validating many piecesof equipment, if convenient. The key could be any form of secureinformation including biometric identifiers of a genuine owner forexample.

The system also has a wireless transmitter 20 for sending a beaconsignal indicating a stolen status, via antenna 75. The stolen status canbe determined if there is no valid key received within a predeterminedtime period, or by a combination of this and other circumstances, suchas disconnection from a power supply or other network, or detection ofmotion, as appropriate to the type of consumer equipment. Thetransmitter can be a dedicated transmitter, or be used for otherpurposes. It can be an RF transmitter, using well known standards forshort range transmission, e.g. less than 100 m, such as Bluetooth,ZigBee, or cellular phone standards such as GSM, to enable use of SMS.Another alternative is to use optical frequencies such as infra red,though this is more suitable for the key than the beacon signal, as itis easier for a thief to block it. It can be active or passive, in thesense of being arranged to transmit only when interrogated, or passivein the sense of using the received signal to power the responsetransmission. To increase the anti theft deterrence, the lock andtransmitter and optionally other parts are preferably made resistant totampering. This can be achieved by having a back up battery, bymonitoring that the battery back up is not disconnected, and monitoringthat the transmitter is still functioning. The display and the RFtransmitter can be monitored by checking impedance and currentconsumption for example, or by measuring light or RF outputrespectively, for example.

FIG. 1 also shows interactions with the environment outside the consumerequipment, such as police or security agency detectors 70 checking forthe RF emissions showing the stolen status to locate stolen goods. Thesemay be located and used anywhere, including at sales locations forsecond hand equipment, at transport hubs such as ports, airports, roadjunctions and so on. Radio direction finding equipment could be used tolocate the goods more accurately. Cameras could be used to record numberplates of vehicles passing with stolen goods for example. To make thebeacon signal last as long as possible, to save battery power, it can besent intermittently or only when movement is detected for example, oronly when an interrogation signal is detected. The transmitter can be apassive RF tag which requires no power supply, but which can receive anRF signal and use some of the received power to broadcast a weakresponse signal. This will lengthen the period of time the stolenequipment is “hot”, and therefore less valuable to the thief.

Not shown, for the sake of clarity, is an external authorised resettingservice which may be useful for resetting the indication once the stolengoods are returned to their owner, or in the case of loss of or faultswith the key transmitter. The service sends a resetting key to theequipment once it is satisfied the goods are not stolen. The lock canverify the resetting key matches an embedded key before enablingoperation of the equipment. Alternatively or as well, the secure resetprocess can be carried out with a matching key 30 provided by theconsumer from elsewhere on the consumer premises. This can be a PIN(personal identification number) remembered and entered manually by theconsumer, or sent automatically from a household security controllerover mains signalling or RF, for example.

FIG. 2 shows another embodiment. Corresponding reference numerals tothose of FIG. 1 have been used where possible. In this case, the key isreceived by the lock over a separate path to that used by the wirelessbeacon signal. The path for the key could be a mains power linesignalling path, or a different radio path for example. This may be moreconvenient for some types of consumer equipment, or for compatibilitywith other equipment. In an alternative embodiment, the code used in thekey is actually stored elsewhere, not in the key transceiver. If the keytransceiver is connected to a network, a phone line, or the internet, itcan obtain from a remote server a key sequence to transmit to the lock.A first advantage of this is that this means that the key will not bestolen, if the key transceiver is stolen, as it doesn't contain theinformation needed to transmit the correct key signal. A secondadvantage is that the key can be provided by a second organisation, toenable the equipment. In a further alternative embodiment, the keytransceiver is dispensed with, and the key is sent from the remoteserver directly to the equipment. An example is a set top box, fordecoding satellite or cable or other television transmissions, which isenabled by a key signal sent by the broadcast television operator inreturn for a subscription. In this case, no key transceiver is needed. Abeacon transmitter is incorporated in the set top box, which can beactivated to assist in the recovery of the set top box, in the event oftheft (or discontinuance of the subscription).

FIG. 3 shows a more detailed view of an embodiment, showing some of theprincipal hardware elements. An anti theft security system 440 protectsconsumer equipment 430. These can be implementations of the features 40and 60 of FIG. 1 or 2, or otherwise. The system has software functions450, and optionally a low power display such as an LCD, for displayingstatus. This may be a dual use of an equipment display. Other functions480 of the equipment may use the display. These other functions includecontrol software 475 for disabling the equipment unless encryptedexchanges with the anti theft system are valid. Any of these softwarefunctions can be run on conventional hardware such as microprocessors orapplication specific circuitry. Separate circuitry can be used for thesecure functions, or the same processor can be used for all thefunctions, for example. The anti theft security system also has a backup battery 500, a disconnection detector 470, and a connection to anexternal audio alarm 490, which may be a household or premises or caralarm for example. The system also has an RF transceiver 495, includingRF circuitry, tamper detection circuitry and an antenna. Optionally thiscan be an RF tag, either passive or active. The disconnection detectionis optionally for the purpose of deciding when theft has occurred, andtriggering of the key validation process. It can optionally be carriedout directly by the microprocessor or be detected by other functions 480of the equipment. It can be arranged to detect disconnection from amains power supply, or in the case of car equipment, from the 12 voltsupply from the car battery, or disconnection from the car aerial forexample.

The microprocessor can be a conventional general purpose processor or amodule of an application specific integrated circuit for example. It isarranged to run software for a number of functions including the lock,the beacon transmitter and the key receiver, some of which are explainedin more detail below with reference to FIG. 4. It is arranged to receivean RF key signal, with an identifier, and check the key and theidentifier, to check they match with an embedded key and identifier. Itis also arranged to decide theft status, transmit an RF beacon signal,and undertake encrypted exchanges with an equipment control part 475.Other functions of the microprocessor include storing the embeddedidentifier, releasing it to authorized requesters, by displaying it ortransmitting it in an RF signal for example. The microprocessor is alsoarranged for driving the display, battery monitoring, and tamperdetection. The tamper detection can take the form of monitoringconnectivity with external parts such as the rest of the equipment, theradio transceiver, and the antenna. The voltage, current or impedance ofthe connections can be monitored, continuously or periodically. A secondantenna could be used to ensure the first antenna is transmittingsuccessfully, and has not been tampered by removal or short circuitingfor example. Tamper detection immediately causes the microprocessor toalert the equipment control software, or cease responding to it.

The system 440 can be constructed in the form of a display module, withback up battery, microprocessor and RF transmitter built in. The modulecan accept inputs from the other functions of the equipment to enablethe display to be used for normal operating messages, either to drivepart of the display directly, or via the microprocessor.

The key transceiver 420 in this case has a display 425 which could be asmall LED or Alphanumeric LCD display, for indicating a status of theequipment, that it is in range and acknowledging the key transmissionsfor example. It could have an audio indicator if convenient, to alertthe owner or user of a change in status. It has its own battery powersupply 500, and a microprocessor 435 for running software to store theidentifier, transmit the key incorporating the identifier, and controlany encryption and exchange of information with the anti theft system.In principle the key transceiver can be a one way transmitter with noreceive function, but in practice there are advantages to having anexchange of information between the key and lock, to acknowledge receiptand enable the key to be changed or updated to make it more secure.

FIG. 4 shows an example of functional steps of an embodiment of an antitheft system, such as that of FIG. 1. This may be embodied in softwareusing a conventional language, running on the microprocessor of FIG. 3,or elsewhere. At step 100, if a valid key is detected within apredetermined time, a non stolen status is decided and normal operationof the equipment is enabled at step 110, by means of regular encryptedmessages to the control software of the equipment. This decision isoptionally supported by other factors indicating theft, such asunexpected disconnection or movement. If a stolen status is determined,at step 320 optionally a message is displayed to warn a genuine userthat theft has been detected. This message may warn of the consequencesand prompt the user for a reset code. At step 330, if the correct resetcode is entered within a given time limit, then no action is taken otherthan making a record in the audit log at step 350, and the processreturns to step 100 to await another detection. The code can be in anyform including biometric identifiers of a genuine owner for example. Thepredetermined time period can be set to suit the type of equipment. Forequipment such as cameras which might be used away from the home, theperiod might be a day or more, so that the key transmitter can be leftat home. For other less portable equipment, the period might be shorter,even minutes, to allow time for a reset input. A different, shorterperiod can be allowed before an alarm is triggered.

If no correct reset is received, at step 140, the equipment is disabledtemporarily, and the beacon signal is transmitted. The radio transceivercan optionally be arranged to continue transmitting independently of themicroprocessor, in case the microprocessor is disconnected or disabled.The indication can include an identifier in the form of information suchas post code information to enable the owner to be traced, or codedinformation which the maker or retailer can relate to the owner orowner's address. It could indicate the value or type of the equipment,to aid police or other agencies to prioritise recovery efforts. Thisidentifier can be output in a number of ways, including as part of theindication, or only when interrogated by an authorised system or person,to save battery power. Where the indication is a display, the identifiercould be displayed in response to key presses. Where the indication isan RF signal, an authorised RF detector could request furtherinformation. The equipment could enter a dialogue with the detector andsend the identifier and other information on request to the detector.

Next a loop with three main actions is undertaken repeatedly at steps360, 380, and 330, for which the order is not critical. At step 360, acheck for tampering is carried out, as described above. (Of course thiscan be carried out continuously.) If tampering is detected, at 370, theequipment is permanently disabled, for example by deleting software, orceasing to respond to requests from the equipment to enable it tooperate. Preferably there should be a clear warning somewhere on theequipment of the consequence of tampering. At step 350, an indication ofthe permanent disabling is shown, and/or transmitted, and acorresponding record added to the audit log.

At step 380, a check on the level of the back up battery is carried out.If low, at step 390, consumption is reduced by displaying ortransmitting intermittently, or only when movement is detected, or whenthe equipment detects inspection or interrogation in any form. At step330, the system checks for a correct reset input. If no, the stolenstatus remains and the system repeats steps 360, 380 and 330. If yes,the indication of stolen status ceases, and after making an appropriateentry in the audit log, the system returns to step 300 to await anotherdetection. The audit log can be stored in secure non volatile memorywith appropriate safeguards to prevent unauthorised access or tampering,following established implementation methods.

FIG. 5 shows another embodiment. Corresponding reference numerals tothose of FIG. 1 have been used where possible. In this case, no beaconsignal is transmitted. The lock 510 has an embedded identifier which istraceable to the owner. To enable normal operation of the equipment, thekey received from the key transmitter is checked as described above. Inthis case, the identifier is contained in the key signal, and checked.The key on its own may be unique, and so can be secure for the purposeof preventing unauthorised use. Also, it can be used to verify ownershipif the owner has been found. However without the identifier, the keydoes not help trace the owner. The identifier can be an encryptedversion of a postcode, or can be traced by reference to a mapping heldby police or a third party such as a service organisation. Theidentifier can be entered once at the time of setting up the equipment,or repeatedly updated by an exchange of information with the keytransmitter.

In FIG. 5 the lock stores the identifier in a tamper proof non volatilememory, and makes it available to authorised requesters. This couldrequire a password or any sort of code, or be openly available. If thegoods are suspected of being stolen, the police 520 could retrieve theidentifier from the goods and trace the owner by contacting the serviceagency 90 who would decode the identifier and return the owners contactdetails. This could be carried out by a telephone call, or otherimmediate 2-way communication.

FIG. 6 shows another embodiment. Corresponding reference numerals tothose of FIG. 1 have been used where possible. In this embodiment, thelock 550 has tamper proofing measures, but does not necessarily have abeacon or identifier. As before, the key is checked by the lock and ifvalid, and if no tampering is detected, then the lock enables operationof the equipment. The lock detects tampering with the RF antenna orassociated circuitry, or tampering with the coupling to the equipmentcontrol. In the event of tampering, the equipment control is commandedto permanently disable the equipment, by deleting software for example.

FIG. 7 shows a graphical representation of a chain of parties involvedin some types of consumer equipment, to show the wide impact of theembodiments and of anti theft measures generally. Component makers 610can benefit from added value components, from running associatedservices, and from improved brand image. Such makers feed consumerequipment makers 620, who can see similar benefits, and benefits fromproduct differentiation. They feed retailers 630, who could benefit fromgreater sales and reduced theft from their premises. The consumer 660clearly benefits from reduced theft, with consequences such as reducedinsurance costs and improved sense of security. Also feeding theconsumer are insurance companies 690, and alarm installers 650. Thelatter could see a larger market for related products and services, andfewer costs from false alarms. Corresponding benefits can arise forsecurity system makers 640, supplying the installers.

Clearly the potential thieves 680 suffer from increased risk of capture,and greatly reduced value of stolen goods if they show they are stolen,and are disabled. The “fence” or receiver 670 who buys the stolen goodsalso suffers from the higher risk of capture, greater difficulty in“cleaning” the goods to try to remove evidence that it is stolen. Allthis can lead to benefits to the police or private security firms 700,of reduced false alarms, higher detection rates, and reduced crime. Asgovernment 710 is ultimately responsible, it benefits from improvedpolicing results, and from reduced tax and duty evasion from trade instolen goods, and from more votes from a more contented electorate.

Concluding remarks: Other variations will be apparent to those skilledin the art, within the scope of the claims. As has been described above,a security system for consumer equipment has a lock for preventing useof the equipment, and broadcasts a beacon signal indicating stolenstatus, if the lock does not receive a valid key signal over a wirelesslink. The beacon signal can help police identify stolen goods, and makesmere possession of stolen goods more risky and so deters theft. The lockserves to make the equipment useless or very expensive to make useful,once stolen. Little or no change of behaviour by users is needed. Thebeacon can be passive, in snooze state to save power, with periodiclistening for an interrogating (police) radio, which causes it to wakeup and transmit. The system can securely store, and optionallybroadcast, a secure identifier which is traceable to an owner of theequipment, to aid recovery and conviction. Tamper resisting measures canbe included.

1. A security system (40) for consumer equipment (60), the systemhaving: a lock (10) for preventing use of the equipment, the lock havinga receiver for receiving a key signal from an external source (90), thelock being arranged to check the key is valid, and if so, enable the useof the equipment, the system also having: a wireless transmitter (20)for the equipment for broadcasting a beacon signal indicating stolenstatus, if the lock does not receive a valid key.
 2. The security systemof claim 1, the receiver being a wireless receiver and being integratedtogether with the wireless transmitter.
 3. The security system of claim1 or 2, incorporating an identifier which is traceable to an owner ofthe equipment.
 4. The security system of claim 3, having an identifiercommunication means incorporated in the lock for use with authorisedreaders.
 5. The security system of claim 3, the identifier beingbroadcast by the wireless transmitter.
 6. The security system of anypreceding claim, having a tamper detector (360, 550) for detectingtampering with the system, and for preventing use of the equipment iftampering is detected.
 7. The security system of any preceding claim,having an internal battery power supply (500) for the wirelesstransmitter.
 8. The security system of any preceding claim, arranged totransmit the beacon signal intermittently.
 9. The security system ofclaim 3 or any claim depending on claim 3, the identifier beingencrypted.
 10. The security system of any preceding claim, the lockbeing arranged to check for a valid secure key when the equipment isswitched on.
 11. The security equipment of any preceding claim, beingarranged to check for a valid secure key periodically.
 12. The securityequipment of any preceding claim, the wireless transmitter comprising anRF tag.
 13. The security equipment of any preceding claim, the wirelesstransmitter being arranged to send an SMS message.
 14. The securityequipment of any preceding claim, having a theft detector (450) fortriggering the broadcasting of the beacon signal.
 15. The securityequipment of any preceding claim, having a warning for indicating thatthe equipment is protected by a beacon signal transmitter or thattampering will result in disabling of the equipment.
 16. A securitysystem (40) for consumer equipment (60), the system having: a lock (510)for preventing use of the equipment, the lock having a receiver forreceiving a key signal from an external source, the lock being arrangedto check the key is valid, and if so, enable the use of the equipment,the system also having: an identifier, incorporated securely in the lockand traceable to an owner of the equipment in the case of theft of theequipment.
 17. The security system of claim 16, having an identifiercommunication means incorporated in the lock for use with authorisedreaders.
 18. A security system (40) for consumer equipment (60), thesystem having: a lock (550) for preventing use of the equipment, thelock having a receiver for receiving a key signal from an externalsource, the lock being arranged to check the key is valid, and if so,enable the use of the equipment, the system also having: a tamperdetector (550) for detecting tampering with the system, and forpermanently preventing use of the equipment if tampering is detected.19. Consumer equipment (60) having an equipment controller (475), andhaving the security system of any preceding claim, the controller beingarranged to cooperate with the lock of the security system and tooperate depending on the lock.
 20. The equipment of claim 19, having aremote key unit (90, 420) for sending the key to the security system.21. The equipment of claim 19 or claim 20, the controller being arrangedto exchange encrypted information with the security system periodically,and continue operating depending on whether a valid response is receivedfrom the security system.
 22. The equipment of any of claims 19 to 21,being one of computer equipment, games equipment, audio, video orcommunications equipment, in car equipment, household appliances, andschool, hospital, or business equipment.
 23. A remote key transmitterunit (90, 420) for use with the security system of any of claims 1 to18, or with the consumer equipment of any of claims 19, 21 or
 22. 24. Amethod of detecting stolen consumer equipment by using a wirelessreceiver (70) to recognise a beacon signal indicating a stolen status,output by the consumer equipment (60) of any of claims 19, 21 or
 22. 25.A method of operating a service (90) of tracing ownership of recoveredconsumer equipment as set out in any of claims 19 to 22, when dependenton claim 3 or claim 16, having the steps of: receiving an identifierfrom the stolen equipment, and decoding the identifier to determine theowner.